Description

Snort is the world's most widely deployed open source
intrusion-detection system, with more than 500,000 downloads-a
package that can perform protocol analysis, handle content
searching and matching, and detect a variety of attacks and
probes

Drawing on years of security experience and multiple Snort
implementations, the authors guide readers through installation,
configuration, and management of Snort in a busy operations
environment

No experience with intrusion detection systems (IDS)
required

Shows network administrators how to plan an IDS implementation,
identify how Snort fits into a security management environment,
deploy Snort on Linux and Windows systems, understand and create
Snort detection rules, generate reports with ACID and other tools,
and discover the nature and source of attacks in real time